def validateSession(userId, appId, sessionId):
    """Decide whether the caller's session may continue.

    Looks up the stored session row and the per-application config row, then
    either marks the session expired or refreshes it.

    Args:
        userId: user identifier, forwarded to the session helpers.
        appId: application identifier; also concatenated into the config query.
        sessionId: session identifier presented by the caller.

    Returns:
        False when no session row or no config row is found, or when the
        session is judged expired; True otherwise (after updateSession ran).
    """
    print("validate user")

    result = checkfetchSessionDataExsists(userId, appId, sessionId)
    if result is None or result == "":
        return False

    # Both ages are in seconds and are compared directly with the config
    # values below, so those are presumably seconds too -- TODO confirm.
    # NOTE(review): datetime.now() is naive local time; this assumes the
    # stored timestamps are naive and in the same zone -- confirm.
    idle_seconds = (datetime.now() - result["LAST_REQ_TIME"]).total_seconds()
    login_age_seconds = (datetime.now() - result["LOGIN_TIME"]).total_seconds()

    # NOTE(review): appId is concatenated into the SQL text and matched with
    # LIKE, so it is neither bound as data nor compared exactly (% and _ act
    # as wildcards). Prefer a bound parameter with "=", which depends on
    # excecuteFetchoneQuery accepting parameters (not visible here).
    # NOTE(review): this query leaves TB_APP_CONFIGS / app_id unquoted while
    # other queries in this file quote their identifiers; on an engine that
    # case-folds unquoted names the two forms may not resolve alike -- verify.
    config = excecuteFetchoneQuery(
        "SELECT * FROM TB_APP_CONFIGS where app_id like '" + appId + "'")
    if config is None or config == "":
        return False

    idle_limit = config["SESSION_TIMEOUT"]
    login_limit = config["LOGIN_TIMEOUT"]
    new_day_expiry = config["NEW_DAY_EXPIRY"]
    is_new_expiry = isNewDay(result["LOGIN_TIME"], new_day_expiry)

    # NOTE(review): expiry needs ALL four conditions. Consequences to confirm:
    #  - a session idle longer than SESSION_TIMEOUT is still accepted until
    #    LOGIN_TIMEOUT has also elapsed (and vice versa);
    #  - when the stored SESSION_ID differs from sessionId the conjunction is
    #    false, so the refresh path below runs and True is returned. Unless
    #    checkfetchSessionDataExsists already rejects a mismatched id (not
    #    visible here), a non-matching session id is accepted.
    expired = (
        result["SESSION_ID"] == sessionId
        and idle_seconds > idle_limit
        and login_age_seconds > login_limit
        and not is_new_expiry
    )
    if expired:
        updatesessionExpiry(userId, appId)
        return False

    updateSession(userId, appId, sessionId)
    return True
def fetchSessionDataExsists(userId, appId):
    """Fetch the last-login row for a user/app pair if it has a session id.

    Args:
        userId: user identifier, concatenated into the query.
        appId: application identifier, concatenated into the query.

    Returns:
        The row returned by excecuteFetchoneQuery when it exists and its
        "SESSION_ID" is neither None nor empty; otherwise the empty string.
    """
    # NOTE(review): both identifiers are spliced into the SQL text and
    # compared with LIKE, so they are treated as SQL fragments/patterns and
    # not as exact values. Since this row decides which session is trusted,
    # prefer bound parameters with "="; that depends on
    # excecuteFetchoneQuery accepting parameters (not visible here).
    query = (
        """SELECT * FROM "TB_USER_LAST_LOGIN" where "USER_ID" like '"""
        + userId
        + """' and "APP_ID" like '"""
        + appId
        + "'"
    )
    row = excecuteFetchoneQuery(query)
    if row is None or row == "":
        return ""

    stored_session = row["SESSION_ID"]
    if stored_session is None or stored_session == "":
        return ""
    return row
def pinExpiry(appid, userid):
    """Check the age of the user's most recent password change.

    Args:
        appid: application identifier, concatenated into both queries.
        userid: user identifier, concatenated into the first query.

    Returns:
        False when no previous password change is found; True when the
        application's config row is missing; otherwise the result of
        checkExpiry(last change time, PASS_CHANGE_FREQ). Presumably True
        means the PIN has expired -- confirm against checkExpiry and callers.
    """
    logging.debug("pin expiry")

    # NOTE(review): userid/appid are concatenated into the SQL text and
    # matched with LIKE (pattern match, not equality). Prefer bound
    # parameters with "="; that depends on excecuteFetchoneQuery accepting
    # parameters (not visible here).
    # NOTE(review): the alias LAST_MODF is unquoted; on an engine that folds
    # unquoted names the result key may not be "LAST_MODF" -- verify.
    history_query = (
        """SELECT max("CHANGE_TIME") as LAST_MODF FROM "TB_USER_PASSWORDS" where "USER_ID" like '"""
        + userid
        + """' and "APP_ID" like '"""
        + appid
        + "'"
    )
    result = excecuteFetchoneQuery(history_query)

    # The "[None]" comparison presumably catches a row whose only column is
    # NULL (max() over no rows) as rendered by the row type -- confirm.
    if result is None or result == "" or str(result) == "[None]":
        logging.debug("No previous password")
        return False

    logging.debug("password present")
    last_changed = result["LAST_MODF"]

    config = excecuteFetchoneQuery(
        """SELECT * FROM "TB_APP_CONFIGS" where "APP_ID" like '""" + appid + "'")
    if config is None or config == "":
        # No config row: report True rather than skipping the check.
        return True

    change_frequency = config["PASS_CHANGE_FREQ"]
    logging.debug(last_changed)
    return checkExpiry(last_changed, change_frequency)
def login_user(req, userId, appid):
    """Authenticate a user by PIN and attach a session id on success.

    Args:
        req: request mapping; the PIN is read from req['requestData']['pin'].
        userId: user identifier, concatenated into the lookup query.
        appid: application identifier, concatenated into the lookup query.

    Returns:
        The response from authenticate_user; when its loginResp code is
        "000" the response is passed through updateRespJson to add
        "sessionId" from fetchSession.
    """
    logging.debug("Login user")
    submitted_pin = req['requestData']['pin']

    # NOTE(review): this lookup selects the account record used for
    # authentication, yet userId/appid are concatenated into the SQL text and
    # matched with LIKE. The value is therefore interpreted as SQL/pattern
    # text, and the row handed to authenticate_user need not be the exact
    # user named by userId. Prefer bound parameters with "="; that depends on
    # excecuteFetchoneQuery accepting parameters (not visible here). Whether
    # authenticate_user re-checks the row's USER_ID is also not visible here.
    lookup = (
        """SELECT * FROM "TB_USER_DETAILS" where "USER_ID" like '"""
        + userId
        + """' and "APP_ID" like '"""
        + appid
        + "'"
    )
    user_row = excecuteFetchoneQuery(lookup)

    response = authenticate_user(user_row, userId, appid, submitted_pin)
    if response['loginResp']['code'] != "000":
        return response

    # Success code: obtain the session id and add it to the login response.
    session_id = fetchSession(userId, appid)
    return updateRespJson(response, "loginResp", {"sessionId": session_id})